The National Electrical Manufacturers Association (NEMA) and the International Society of Automation (ISA) announced June 29 they’ll jointly promote cybersecurity standards and practices for operation technology (OT) and industrial control systems (ICS), specifically the ISA/IEC 62443 series of standards. Because OT and ICS enable many manufacturing processes, especially producing infrastructure components, they report their partnership will boost policies that reference ISA/IEC 62443 standards in establishing codes, incentives and mandates for cybersecurity OT/ICS automation and systems.
NEMA and ISA are accredited standards development organizations by the American National Standards Institute (ANSI). They share a commitment to developing and promulgating leading standards and conformance programs that are relied on by public and private-sector entities worldwide. Developed by ISA and recognized by the International Electrotechnical Commission (IEC), the ISA/IEC 62443 standards offer practical guidance and resources to protect critical infrastructure and the supply chain.
“NEMA and ISA realize the urgent need to promote ISA/IEC 62443 standards,” says Patrick Hughes, senior VP for technical and industry affairs at NEMA. “This partnership will bring greater recognition of and reliance on these critical OT cybersecurity standards developed by ISA.”
Priorities for the partners include raising awareness in U.S. and global legislative, administrative and regulatory bodies about the important role that ISA/IEC 62443 plays in assuring OT/ICS cybersecurity. For example, the standards were recently:
- Included in the pending New York State Senate Bill S5636, "Critical Infrastructure Standards and Procedures (CRISP) Act" in New York State;
- Referenced in the latest edition of the National Fire Protection Association’s NFPA 70 National Electric Code;
- Referenced in the Cybersecurity Infrastructure Security Agency’s (CISA) Cross-Sector Performance Goals (CPG);
- Adopted by Standards Malaysia as a national Malaysian standard;
- Adopted by Taiwan and Singapore’s governments into public policy language for securing operational technology; and
- Adopted for mandatory, uniform requirements for securing onboard controls on shipping vessels by the International Association of Classification Societies (IACS).
“We’re excited about this partnership with NEMA, which will allow the reach and awareness of ISA/IEC 62443 that ISA has already achieved to grow even further,” adds Andre Ristaino, managing director, global consortia and conformity assessment at ISA. “NEMA’s commitment to supply-chain resilience and expertise in outreach and advocacy makes the organization an excellent partner for ISA.”